Client: Saudi Aramco
Role: SAP GRC & Security Architecture
Start Date: April 2021 onwards
Key projects delivered so far:
* SAP ECC to SAP S/4HANA 2020 Conversion
* SAP MDG Materials - Security Design & Implementation
* SAP MDG Service Master - Security Design & Implementation
* SAP ECC to SAP S/4HANA 2021 Conversion
* SAP ECC to SAP S/4HANA 2020 Consolidation
* SAP Fiori Security - Design & Implementation
Projects in-progress:
* SAP S/4HANA 2020 to SAP S/4HANA 2022 Upgrade
* GRC 12.0 on S/4HANA 2022
* HCM on S/4HANA (Conversion or Consolidation) - Analysis in-progress
* SAP SNC & BTP to S/4HANA - Security Design & Implementation
* SAP BIS Upgrade
* SAP Ariba - Security Design & Implementation
Project # 1: S/4HANA Conversion for Core system (Finance and Logistics)
Responsibilities:
* Perform impact analysis for existing ECC system and prepare assessment report
* Key stakeholders within Finance and Logistics
Managerial Experience apart from technical skills:
SAP GRC & Security Practice Lead (Horizontal Division) within TCS:
* Managed 80+ SAP GRC & Security resources team in different projects (Implementation, Audit,
Controls Design & Review, Upgrades, Enhancements)
* Managed all SAP GRC & Security projects across globe within TCS
* Worked with Business Partners, Internal & External Auditors to ensure agreement in the
design and implementation of IT and Business Controls
* Worked with Internal & External auditors and Define/Review/Test access control framework,
SAP security role design & testing strategy
* Contributor to the design and implementation of enhancements for internal controls such as
SoD, Change Management, Access Management, IT operations, workflow and application
configuration.
* Participated in scoping activities for IT SoX applications, systems changes
* Perform risk and security reviews/audits over SAP implementations and upgrades
* Conduct quality reviews of control documentation to ensure that documentation will pass SOX
audits. Perform risk assessments, determine root cause and recommend corrective action plans.
* Maintained the global repository of controls and related controls design documentation.
* Developed and delivered training workshops, sessions, materials, and presentations to assist
process owners, employees, and management with IT SOX processes and controls.
* Develops status reports and key metrics to support the IT Risk and Compliance function.
* Responded SAP GRC & Security RFP's, prepared effort estimations, proposal, participated
proposal defense presentation & provide solution recommendations
Stakeholder Management
* Developed GRC & Security Business Strategy Plan to fulfill Audit requirements.
* Drive in business development initiatives along with client management and account
management
* Conduct walk-through sessions with all key stakeholders from client on all SAP GRC modules
* Assist & Prepare in GDPR, Protect SAP System's & SAP IDM requirements
* Involved in SAP Audit Management & Fraud Management Demo's to clients
* Response to RFP's, prepare effort estimations, cost estimates and provide solution
presentation to clients
* Help manage the financial aspects of engagements by organizing staffing, tracking fees and
communicating issues to project leaders